Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update all edx-platform REST endpoints to support JWT Auth #33662

Closed
39 tasks
feanil opened this issue Nov 6, 2023 · 1 comment
Closed
39 tasks

Update all edx-platform REST endpoints to support JWT Auth #33662

feanil opened this issue Nov 6, 2023 · 1 comment
Assignees

Comments

@feanil
Copy link
Contributor

feanil commented Nov 6, 2023

The default DRF Auth classes were recently updated to allow for both JWT and Session auth by default. Any endpoint that overrides the AUTHENTICATION_CLASSES but has just session, just JWT or just both of those should be updated to remove the override.

Related Issue: #33302

Tasks

  • Update all API views that explicitly accept only SessionAuth to use the DEFAULT_AUTHENTICATION_CLASSES instead.

Relevant Views/URLs

  • /api/bookmarks/v1/bookmarks/ : get
  • /api/bookmarks/v1/bookmarks/ : post
  • /api/bookmarks/v1/bookmarks/{username},{usage_id}/ : get
  • /api/bookmarks/v1/bookmarks/{username},{usage_id}/ : delete
  • /api/commerce/v0/baskets/{basket_id}/order/ : get
  • /api/send_account_activation_email : post
  • /api/team/v0/bulk_team_membership/{course_id} : get
  • /api/team/v0/bulk_team_membership/{course_id} : post
  • /api/team/v0/team_membership/ : get
  • /api/team/v0/team_membership/ : post
  • /api/team/v0/team_membership/{team_id},{username} : get
  • /api/team/v0/team_membership/{team_id},{username} : delete
  • /api/team/v0/teams/ : get
  • /api/team/v0/teams/ : post
  • /api/team/v0/teams/{team_id} : get
  • /api/team/v0/teams/{team_id} : patch
  • /api/team/v0/teams/{team_id} : delete
  • /api/team/v0/teams/{team_id}/assignments : get
  • /api/team/v0/topics/ : get
  • /api/team/v0/topics/{topic_id},{course_id} : get
  • /api/user/v1/forum_roles/{name}/users/ : get
  • /api/user/v1/preferences/{pref_key}/users/ : get
  • /api/user/v1/preferences/{username}/{preference_key} : get
  • /api/user/v1/preferences/{username}/{preference_key} : put
  • /api/user/v1/preferences/{username}/{preference_key} : delete
  • /api/user/v1/preferences/email_opt_in/ : post
  • /api/user/v1/user_prefs/ : get
  • /api/user/v1/user_prefs/{id}/ : get
  • /api/user/v1/users/ : get
  • /api/user/v1/users/{id}/ : get
  • /courses/{course_id}/teams/ : get
  • /user_api/v1/forum_roles/{name}/users/ : get
  • /user_api/v1/preferences/{pref_key}/users/ : get
  • /user_api/v1/preferences/email_opt_in/ : post
  • /user_api/v1/user_prefs/ : get
  • /user_api/v1/user_prefs/{id}/ : get
  • /user_api/v1/users/ : get
  • /user_api/v1/users/{id}/ : get

Acceptance Criteria

  • There are no API Views in edx-platform that explicitly only allow SessionAuth, only JWT Auth, or only those two together.
  • It's fine to break this up into multiple PRs to ease review and land smaller changes.
@feanil feanil converted this from a draft issue Nov 6, 2023
@feanil feanil moved this from 🆕 New to 🔖 Ready in Aximprovements Team Nov 6, 2023
@salman2013 salman2013 moved this from 🔖 Ready to 🏗 In progress in Aximprovements Team Jan 30, 2024
@salman2013 salman2013 moved this from 🏗 In progress to 👀 In review in Aximprovements Team Feb 1, 2024
feanil pushed a commit that referenced this issue Feb 13, 2024
* chore: update API endpoints to support default JWT auth

The default DRF Auth classes were recently updated to allow for both JWT and Session auth by default. Any endpoint that overrides the AUTHENTICATION_CLASSES but has just session, just JWT or just both of those should be updated to remove the override.

Details in #33662
@feanil
Copy link
Contributor Author

feanil commented Feb 13, 2024

Updated in #34152

@feanil feanil closed this as completed Feb 13, 2024
@github-project-automation github-project-automation bot moved this from 👀 In review to ✅ Done in Aximprovements Team Feb 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Archived in project
Development

No branches or pull requests

2 participants